Tomcat provides migration tools to help you upgrade your codes to the
latest Jakarta EE API.
https://tomcat.apache.org/download-migration.cgi
---
Regards,
*Hantsy Bai*
Self-employed consultant, fullstack developer, agile coach,
freelancer/remote worker
GitHub: https://github.com/hantsy
Twitter
13 Dec 2024 21:40:23 Christopher Schultz :
Dan,
On 12/13/24 4:07 PM, Dan Rabe wrote:
I noticed that JsonAccessLogValve is documented in the Tomcat 9
configuration docs
(https://tomcat.apache.org/tomcat-9.0-doc/config/valve.html) as well
as the Tomcat 11 docs
(https://tomcat.apache.org/tom
Hi Team,
We are currently using Tomcat 9.0.70 . I would like to know what is EOL
(stretched) for this version ? Secondly , we would like to know if moving to
higher version of Tomcat e.g. 10.X would force us to migrate to Jakarta specs
instead of using the Java EE specs ? Currently , we could
Brian,
On 12/13/24 3:38 PM, Paquin, Brian wrote:
I am using Tomcat 10.1.30 with Tomcat Native and get these errors when user’s
connect to an application:
WARNING [https-openssl-nio-9443-exec-27]
org.apache.coyote.http2.Http2Parser.readSettingsFrame Connection [424], An
unknown setting with id
Dan,
On 12/13/24 4:07 PM, Dan Rabe wrote:
I noticed that JsonAccessLogValve is documented in the Tomcat 9 configuration
docs (https://tomcat.apache.org/tomcat-9.0-doc/config/valve.html) as well as
the Tomcat 11 docs (https://tomcat.apache.org/tomcat-11.0-doc/config/valve.html
)…but is not m
Lloyd,
On 12/13/24 2:41 PM, DIGLLOYD wrote:
Agreed, it is probably pointless to support SHA-256, given the hard
requirement of supporting MD5 in older browsers for many years to
come.
OTOH, running any kind of DIGEST over TLS and storing zero sensitive
info on server is completely acceptable fo
Hi,
I noticed that JsonAccessLogValve is documented in the Tomcat 9 configuration
docs (https://tomcat.apache.org/tomcat-9.0-doc/config/valve.html) as well as
the Tomcat 11 docs (https://tomcat.apache.org/tomcat-11.0-doc/config/valve.html
)…but is not mentioned in the Tomcat 10 docs
(https:/
Hello,
I am using Tomcat 10.1.30 with Tomcat Native and get these errors when user’s
connect to an application:
WARNING [https-openssl-nio-9443-exec-27]
org.apache.coyote.http2.Http2Parser.readSettingsFrame Connection [424], An
unknown setting with identifier [8] and value [1] was ignored
I sus
Agreed, it is probably pointless to support SHA-256, given the hard requirement
of supporting MD5 in older browsers for many years to come.
OTOH, running any kind of DIGEST over TLS and storing zero sensitive info on
server is completely acceptable for my own use case.
> On Dec 13, 2024, at 11:
Lloyd,
On 12/13/24 2:32 PM, DIGLLOYD wrote:
Yes, it is returning the digest without modification. That’s not the issue.
There are three options:
(1) require MD5 only
(2) require SHA-256 only
(3) allow either MD5 or SHA-256
#2 is not an option since some browsers (eg Safari) do not yet support
Yes, it is returning the digest without modification. That’s not the issue.
There are three options:
(1) require MD5 only
(2) require SHA-256 only
(3) allow either MD5 or SHA-256
#2 is not an option since some browsers (eg Safari) do not yet support SHA-256.
And SHA-256 will never be supported o
Lloyd,
On 12/13/24 11:47 AM, DIGLLOYD wrote:
BTW, I was able to support *both* MD5 and SHA-256 in my subclass of
org.apache.catalina.realm.RealmBase
ISSUE: org.apache.catalina.realm.RealmBas.getPassword(final String username)
affords no means to know *which* algorithm ie which digest to ret
Thank you Mark.
DIGEST, and in Tomcat 9 (not 11). Not sure if 9 vs 11 matters.
Sure enough, I missed “algorithms” attribute in . Having that config
for ~15 years and then having things start to fail led me down the wrong path
it seem.
I did 3 things wrong:
- just did not see “algorithms”
BTW, I was able to support *both* MD5 and SHA-256 in my subclass of
org.apache.catalina.realm.RealmBase
ISSUE: org.apache.catalina.realm.RealmBas.getPassword(final String username)
affords no means to know *which* algorithm ie which digest to return.
I dealt with this by subclassing org.apach
Hi Mark,
Which version did you migrate from?
10.1.30
How often do you see these messages?
Hardly ever, maybe a dozen of times ... we have millions of daily requests
Do they correlate with any particular (failed?) request.
No
I don't have more information, just these traces. The first trace
(Nu
On 13/12/2024 00:39, DIGLLOYD wrote:
ISSUE: users cannot login to my site.
CAUSE: Firefox and Chrome are sending SHA-256 DIGEST auth, which is MD5 (Safari
uses MD5 which is working fine)
Details:
- Tomcat 9.0.98
- DIGEST auth using MD5
- has been working for 15+ years just fine.
- have read all
16 matches
Mail list logo
